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DETAILED ACTION 

1. Claims 1-13 have been examined and is rejected under 35 
U.S.C. 102(e). 

Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) ^n application for patent, published under 
section 122(b), by another filed in the United States before the invention by the 
applicant for patent or (2) a patent granted on an application for patent by another 
. filed in the United States before the invention by the applicant for patent, except that 
an international application filed under the treaty defined in section 351(a) shall 
have the effects for purposes of this subsection of an application filed in the United 
States only if the international application designated the United States and was 
published under Article 21(2) of such treaty in the English language. 

2. Claims 1-9 and 11-13 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Reid, et al. (US 6,182,226). 

As per claim 1: (col., lines) 

Reid discloses a stealth firewall comprising: 

a first network interface to an external network; (coL2, lines 66- 

67) 

a second network interface to an internal network; (coL3, lines 
55-58) 

a packet filter for restricting access to said internal network (col. 3, 
lines 61-63), said packet filter not responding to said external network 
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upon receiving requests from said external network to access said 
internal network; and, (col. 12, lines 56-59 and col. 15, lines 61-63) 

a state machine pre-configured to transition across a plurality of 
internal states, from a restricting state to an access state, conditioned 
upon receiving a plurality of requests to access said internal network, 
said plurality of requests collectively comprising a code for causing said 
state machine to transition from said restricting state to said access state 
which causes said packet filter to permit access to said internal network. 
(col.5, line 58-col.6, line 40) 

As per claim 2: See col.l, lines 35-48 and col.4, line 20; discussing 
requests from said external network comprise transport control protocol 
(TCP) SYN messages. 

As per claim 3: See col.l, lines 35-48 and col.4, line 20; discussing 
each state in said state machine corresponds to data in a specified field 
of said TCP SYN messages. 

As per claim 4: See coL6, lines 12-13 and col. 7, lines 40-43; 

discussing specified field comprises a destination port field. 

As per claim 5: See col.5, lines 54-55; discussing code is a rolling 

code which can vary according to time. 

As per claim 6: See col. 6, lines 9-13; discussing packet filter can 
permit access to a specific port in said internal network based upon a 
destination port specified in a TCP SYN message received after 
transitioning to said access state in said state machine. 
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As per claim 7: 

Reid discloses a method for permitting access to a network protected 
behind a stealth firewall comprising the steps of: 

initializing a state machine configured to grant access to the 
stealth firewall contingent upon said state machine transitioning across 
a plurality of internal states responsive to receiving a plurality of 
requests to access the network from a single network device, said 
plurality of requests collectively comprising a code for causing said state 
machine to permit access to the network; (col. 5, lines 35-53) 

receiving an access request from a network device in a network 
which is external to the network protected behind the stealth firewall, 
identifying an access parameter in said access request (col.7, lines 31- 
51) and transitioning from an initial state in said state machine to an 
intermediate state if said identified access request satisfies transitioning 
criteria associated with said state machine for transitioning from said 
initial state to said intermediate state; (col. 5, line 58-col.6, line 40) 

receiving a further access request from said network device in said 
network which is external to the network protected behind the stealth 
firewall, identifying a further access parameter in said further access 
request and transitioning from an intermediate state in said state 
machine to a final state if said identified further access request satisfies 
transitioning criteria associated with said state machine for transitioning 
from an intermediate state to said final state; (col. 13, lines 31-67) 
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not providing a response to said network device upon receiving 
each said access request from said network device in said network which 
is external to the network protected behind the stealth firewall unless 
said network device provides a sequence of access requests to the stealth 
firewall causing said state machine to transition to said final state; and, 
(col. 12, lines 56-59 and col. 15, lines 61-63) 

upon transitioning to said final state, permitting said network 
device to access the network protected behind the stealth firewall. 
(coL16, lines 59-66) 
As per claim 8: 

Reid discloses a method for permitting access to a network protected 
behind a stealth firewall comprising the steps of: 

receiving a plurality of access requests from a plurality of network 
devices which are external to the network protected behind the stealth 
firewall; (coL3, lines 34-35) 

not providing a response to said plurality of network device upon 
receiving each of said access requests; (col. 12, lines 56-59 and col. 15, 
lines 61-63) 

identifying access request parameters in said received access 
requests; (col. 5, lines 58-63) 

performing state transitions in a state machine in the stealth 
firewall based upon identifying particular ones of said identified access 
request parameters; and, (col.7, lines 34-51) 
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upon identifying a pre-determined sequence of access request 
parameters, said identification of said sequence of access request 
parameters causing a corresponding sequence of state transitions in the 
said machine, permitting access to a selected network device responsible 
for transmitting said sequence of access requests parameters, (col. 16, 
lines 20-65) 
As per claim 9: 

Reid discloses a method for permitting access to a network protected 
behind a stealth firewall comprising the steps of: 

configuring a state machine to grant access to the stealth firewall 
contingent upon said state machine transitioning through a plurality of 
states based upon a sequence of access request parameters identified in 
received access requests from a single network device; (col. 16, lines 20- 
65) 

setting said sequence of access parameters to a specific set of 
access parameters; and, (coL7, lines 34-51) 

disposing said state machine in the stealth firewall, (col. 5, lines 
34-38) 

As per claim 11: 

Reid discloses a machine readable storage having stored thereon a 
computer program for permitting access to a network protected behind a 
stealth firewall, said computer program comprising a routine set of 
instructions for performing the steps of: 
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initializing a state machine configured to grant access to the 
stealth firewall contingent upon said state machine transitioning across 
a plurality of internal states responsive to receiving a plurality of 
requests to access the network from a single network device, said 
plurality of requests collectively comprising a code for causing said state 
machine to permit access to the network; (col. 5, lines 35-53) 

receiving an access request from a network device in a network 
which is external to the network protected behind the stealth firewall, 
identifying an access parameter in said access request (col.7, lines 31- 
51) and transitioning from an initial state in said state machine to an 
intermediate state if said identified access request satisfies transitioning 
criteria associated with said state machine for transitioning from said 
initial state to said intermediate state; (col. 5, line 58-coL6, line 40) 

receiving a further access request from said network device in said 
network which is external to the network protected behind the stealth 
firewall, identifying a further access parameter in said further access 
request and transitioning from an intermediate state in said state 
machine to a final state if said identified further access request satisfies 
transitioning criteria associated with said state machine for transitioning 
from an intermediate state to said final state; (col. 13, lines 31-67) 

not providing a response to said network device upon receiving 
each said access request from said network device in said network which 
is external to the network protected behind the stealth firewall unless 
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said network device provides a sequence of access requests to the stealth 
firewall causing said state machine to transition to said final state; and, 
(col. 12, lines 56-59 and col. 15, lines 61-63) 

upon transitioning to said final state, permitting said network 
device to access the network protected behind the stealth firewall, 
(col. 16, lines 59-66) 
As per claim 12: 

Reid discloses a machine readable storage: having stored thereon a 
computer program for permitting access to a network protected behind a 
stealth firewall, said computer program comprising a routine set of 
instructions for performing the steps of: 

receiving a plurality of access requests from a plurality of network 
devices which are external to the network protected behind the stealth 
firewall; (col. 3, lines 34-35) 

not providing a response to said plurality of network device upon 
receiving each of said access requests; (col. 12, lines 56-59 and col. 15, 
lines 61-63) 

identifying access request parameters in said received access 
requests; (col. 5, lines 58-63) 

performing state transitions in a state machine in the stealth 
firewall based upon identifying particular ones of said identified access 
request parameters; and, (col. 7, lines 34-51) 
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upon identifying a pre-determined sequence of access request 
parameters, said identification of said sequence of access request 
parameters causing a corresponding sequence of state transitions in the 
said machine, permitting access to a selected network device responsible 
for transmitting said sequence of access requests parameters, (col. 16, 
lines 20-65) 
As per claim 13: 

Reid discloses a machine readable storage having stored thereon a 
computer program for permitting access to a network protected behind a 
stealth firewall, said computer program comprising a routine set of 
instructions for performing the steps of: 

configuring a state machine to grant access to the stealth firewall 
contingent upon said state machine transitioning through a plurality of 
states based upon a sequence of access request parameters identified in 
received access requests from a single network device; (coL16, lines 20- 
65) 

setting said sequence of access parameters to a specific set of 
access parameters; and, (coL7, lines 34-51) 

disposing said state machine in the stealth firewall, (col. 5, lines 
34-38) 
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Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under 
section 122(b), by another filed in the United States before the invention by the 
applicant for patent or (2) a patent granted on an application for patent by another 
filed in the United States before the invention by the applicant for patent, except that 
an international application filed under the treaty defined in section 351(a) shall 
have the effects for purposes of this subsection of an application filed in the United 
States only if the international application designated the United States and was 
published under Article 21(2) of such treaty in the English language. 

3. Claim 10 is rejected under 35 U.S.C. 102(e) as being 
anticipated by Rothermal, et al. (US 6,678,827). 
As per claim 10: 

Reid discloses a stealth firewall comprising: 

a first network interface to an external network; a second network 
interface to an internal network; (col. 1, lines 23-35) 

a packet filter for restricting access to said internal network (coL4, 
lines 51-54), said packet filter ignoring requests from said external 
network to access said internal network; (col.5, lines 14-17) 

fixed storage in which at least one authentication password can be 
stored; (coL6, lines 60-62) 

a hash processor configured to apply a hashing algorithm to said 
stored at least one authentication password; and, (col.5, lines 63-64) 

a comparator configured to compare a hashed password and 
timestamp received from said first network interface (col.6, lines 36-49), 
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with a hashed result produced by said hash processor for a stored 
password associated with a user at said first network interface, said 
comparator causing said packet filter to permit access to said internal 
network where said hashed password and timestamp matches said 
hashed result, (col. 12, lines 5-6 and col. 13, lines 47-67) 

Conclusion 

Any inquiry concerning this communication or earlier 
communications from the examiner should be directed to LEYNNA T. HA 
whose telephone number is (571) 272-3851. The examiner can normally 
be reached on Monday - Thursday (7:00 - 5:00PM). 

If attempts to reach the examiner by telephone are unsuccessful, 
the examiner's supervisor, Kim Vu can be reached on (571) 272-3859. 
The fax phone number for the organization where this application or 
proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained 
from the Patent Application Information Retrieval (PAIR) system. Status 
information for published applications may be obtained from either 
Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more 
information about the PAIR system, see http:/ /pair-direct.uspto.gov. 
Should you have questions on access to the Private PAIR system, contact 
the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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